Access your Pro+ Content below.
Security as a Service: Benefits and risks of cloud-based security
This article is part of the September 2012 issue of Information Security magazine
Those of us who make our living from information security carry with us a dark secret: We are fighting a losing battle and giving up ground in the form of data breaches at an alarming rate. This is not due to the lack of effort on our part in protecting our organization’s assets. It comes down to the simple fact that the attackers have more time and tools for offense than we have for defense. Some organizations simply can’t afford to invest the resources necessary into a proper information security program, while others build half-hearted infosecurity programs with minimal staffing and budgets just to meet regulatory compliance. So the fact that we are losing the battle is not really a secret to anyone. However, times are changing and security professionals have a new weapon available for their arsenal to combat the ever-increasing risk of cyberattacks. The cloud has been quickly adopted by enterprises in order to reduce costs, increase agility and provide business expertise. These same types of advantages also apply to using...
Features in this issue
Understand how cross-site scripting attacks work and how to prevent them.
Malware analysis is falling short but some security researchers are working to reverse the trend.
Know the pros and cons to cloud-based security services before making the leap.
Mobile applications are proliferating in the enterprise, posing new risks to enterprises and requiring mitigation.
Columns in this issue
Security expert Marcus Ranum goes one-on-one with Alex Hutton about the problems with security metric efforts.
Veteran security journalist reminisces about covering the industry and says farewell to TechTarget.
Security pros need to understand the total costs and potential ROI of BYOD policies.